In a significant move aimed at enhancing national security, the U.S. government, led by President Biden, has initiated steps to curb foreign access to sensitive personal and government-related data. On February 28, 2024, President Biden signed an Executive Order, accompanied by a detailed fact sheet, that outlines new restrictions targeting countries of concern, including China (with Hong Kong and Macau), Russia, Iran, North Korea, Cuba, and Venezuela. This initiative aims to prevent the exploitation of data that could potentially harm U.S. national security.
The Department of Justice (DOJ) followed up with an Advance Notice of Proposed Rulemaking (ANPRM) the next day, which includes a fact sheet and seeks public comments on a proposed regulatory framework. This framework intends to prohibit or restrict transactions posing unacceptable risks of sensitive data exploitation by identified countries of concern or related entities. The public comment period is set to end on April 19, 2024.
The proposed regulations are designed to address the vulnerabilities in data access through various commercial and investment activities, which until now were only partially regulated by the Committee on Foreign Investment in the United States (CFIUS). The new measures aim to close gaps in current legislation, particularly in areas where data transactions are unregulated at the federal level.
